Important: Red Hat Security Advisory: java-1.8.0-openjdk security update

Updated java-1.8.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, a...

Debian Security Advisory DSA 3050-1 (iceweasel - security update)

Multiple security issues have been found in Iceweasel, Debian OpenVAS Vulnerability Test $Id: deb3050.nasl 6663 2017-07-11 09:58:05Z teissa $ Auto-generated from advisory DSA 3050-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2014 Greenbone Networks GmbH...

RedHat Update for java-1.8.0-openjdk RHSA-2014:1636-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RedHat Update for java-1.7.0-openjdk RHSA-2014:1620-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: java-1.7.0-openjdk security and bug fix update

Updated java-1.7.0-openjdk packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severit...

Adobe Flash Player casi32 Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Inconsistent video sharing within iframe — Mozilla

Mozilla developers Eric Shepherd and Jan-Ivar Bruaroey reported issues with privacy and video sharing using WebRTC. Once video sharing has started within a WebRTC session running within an , video will continue to be shared even if the user selects the Stop Sharing" button in the controls. The...

CVE-2014-7283

The xfsda3fixhashpath function in fs/xfs/xfsdabtree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a denial of service filesystem corruption, and OOPS or panic via operations on directories that have has...

CVE-2014-7283

The xfsda3fixhashpath function in fs/xfs/xfsdabtree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a denial of service filesystem corruption, and OOPS or panic via operations on directories that have has...

CVE-2014-7283

The xfsda3fixhashpath function in fs/xfs/xfsdabtree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a denial of service filesystem corruption, and OOPS or panic via operations on directories that have has...

Amazon Linux AMI : kernel (ALAS-2014-368)

arch/x86/kernel/entry32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of service OOPS and system crash via an invalid syscall number, as demonstrated by number 1000. Array...

Design/Logic Flaw

The IKEv2 implementation in Cisco ASA Software 8.4 before 8.47.15, 8.6 before 8.61.14, 9.0 before 9.04.8, and 9.1 before 9.15.1 allows remote attackers to cause a denial of service device reload via a crafted packet that is sent during tunnel creation, aka Bug ID CSCum96401...

CVE-2014-3383

CVE-2014-3383 affects Cisco ASA Software 9.1 before 9.1(5.1). The IKE implementation in the VPN component can be triggered by crafted UDP packets, allowing a remote attacker to cause a denial of service (device reload). Affected description is supported by multiple sources in the provided connect...

CVE-2014-3390

CVE-2014-3390 affects Cisco ASA with VNMC policy code. Authenticated, local attackers can exploit insufficient input sanitization in the VNMC policy to gain the root shell on the underlying Linux system. Affected software versions are Cisco ASA 8.7 prior to 8.7(1.14), 9.2 prior to 9.2(2.8), and 9...

Ubuntu: Security Advisory (USN-2379-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

F5 Networks BIG-IP : TLS in Mozilla NSS vulnerability (K15630)

The TLS implementation in Mozilla Network Security Services NSS does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attac...

F5 Networks BIG-IP : Sockstress DoS tool vulnerability (SOL10509)

Sockstress DoS tool CVE-2008-4609. The TCP implementation in 1 Linux, 2 platforms based on BSD Unix, 3 Microsoft Windows, 4 Cisco products, and probably other operating systems allows remote attackers to cause a denial of service connection queue exhaustion via multiple vectors that manipulate...

CVE-2014-3192

Removed by vendor...

CVE-2014-7275

Removed by vendor...

GNU Bash - 'Shellshock' Environment Variable Command Injection

Exploit Database Note: The following is an excerpt from: https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/ Like “real” programming languages, Bash has functions, though in a somewhat limited implementation, and it is possible to put the...